Exploit Development, Part 3: Finding Vulnerabilities by Fuzzing with Spike

Often, as part of the exploit development process, we will want to test an application for vulnerabilities, especially buffer overflows. One of the ways we can do that is to send random, varying length, invalid data at the application and see what happens. If we can get the application to crash, this often is a sign of a vulnerability that we can then develop an exploit for later.